5.7.3 Threat Identification
A threat is a probability of causing harm. It is a combination of the capability to do harm, the opportunity to do harm, and intent.
As we've discussed throughout this book, threats to network security are almost endless. A very partial list of sources of threats could include:
- The random cracker looking for a server on which to host Warez or to see if he can break into a system.
- The newbie system administrator who thought he knew how to use that UNIX command.
- The deliberate cyber-spy looking to accumulate competitive information on your company that he can use to improve his own company's positioning.
- The ex-employee who desires revenge.
- The political activist who wishes to deface the web sites of companies whose policies he disagrees with.
- The random technical person who resorts to extortion ("give me $20,000 or I'll release the credit card number list I got off your web site") to finance their new BMW.
- The employee who doesn't know that email attachments ending in .exe should not be opened without the system administrator's permission.
Areas of special attention when looking for activities indicating the presence of new threats include:
- New user accounts or accounts with unusual activity, i.e., logins at O'Dark:30 when the account is a daytime user.
- Changes in file lengths or dates.
- Shrinking log files.
- New files, especially ones that have strange file names or extensions.
- System crashes.
- Unusual activity that just doesn't feel
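Several of the indicators listed above (new accounts, off-hours logins, changed file lengths or dates, shrinking logs, new files) can be checked mechanically against a saved baseline. The following is an added example, not part of the original guide; the paths, account names, timestamps and the 07:00 to 19:00 working window are constructed assumptions.

```python
from datetime import datetime

# Constructed inventory snapshots: path -> (size_bytes, mtime_epoch).
BASELINE = {
    "/etc/hosts": (220, 1100000000),
    "/usr/bin/login": (52880, 1100000000),
    "/var/log/auth.log": (48213, 1100400000),
}
CURRENT = {
    "/etc/hosts": (220, 1100000000),              # unchanged
    "/usr/bin/login": (61004, 1100480000),        # length and date changed
    "/var/log/auth.log": (9120, 1100490000),      # log is smaller than before
    "/tmp/invoice.doc.exe": (20480, 1100485000),  # new file, odd extension
}
# Constructed login records: (account, ISO 8601 local time).
LOGINS = [
    ("alice", "2004-11-15T09:12:00"),
    ("alice", "2004-11-16T03:30:00"),
    ("svc_tmp", "2004-11-16T03:41:00"),
]
KNOWN_USERS = {"alice", "bob"}  # assumed list of approved daytime accounts

def file_findings(baseline, current, log_prefix="/var/log/"):
    """Compare snapshots: new files, changed files, and logs that shrank."""
    findings = []
    for path, (size, mtime) in sorted(current.items()):
        if path not in baseline:
            findings.append(("new-file", path))
            continue
        old_size, old_mtime = baseline[path]
        if path.startswith(log_prefix):
            # Logs normally grow; a smaller log means rotation or tampering.
            if size < old_size:
                findings.append(("shrinking-log", path))
        elif (size, mtime) != (old_size, old_mtime):
            findings.append(("changed-file", path))
    return findings

def login_findings(logins, known_users, day_start=7, day_end=19):
    """Flag unknown accounts and known accounts logging in off-hours."""
    findings = []
    for user, stamp in logins:
        if user not in known_users:
            findings.append(("new-account", user))
        elif not day_start <= datetime.fromisoformat(stamp).hour < day_end:
            findings.append(("off-hours-login", user))
    return findings

if __name__ == "__main__":
    for kind, subject in file_findings(BASELINE, CURRENT) + login_findings(LOGINS, KNOWN_USERS):
        print(f"{kind:16} {subject}")
```

A shrinking-log finding still needs a human check against the log rotation schedule before it is treated as tampering.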
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.